paritybit.ca

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit 7db8113bb87067e6f488966c634069c18cb4a5ea
parent c65a65e34ffb523e635d5a8414bc6cab5c6b1c92
Author: Jake Bauer <jbauer@paritybit.ca>
Date:   Fri, 17 Jul 2020 23:50:42 -0400

Merge branch 'master' of git.sr.ht:~jbauer/paritybit.ca into master

Diffstat:
Mpages/blog.md | 2++
Apages/blog/be-a-good-netizen.md | 80+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mpages/blog/why-i-hate-the-term-modern.md | 55++++++++++++++++++++++++++++++++++++++++++++++++++-----
Mpages/home.md | 7++++---
Mpublic/feeds/sitewide-feed.xml | 76++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Apublic/img/cisco-ssl-error-thumb.png | 0
Apublic/img/cisco-ssl-error.png | 0
Apublic/img/firefox-settings-thumb.png | 0
Apublic/img/firefox-settings.png | 0
Apublic/img/reporting-cisco-error-thumb.png | 0
Apublic/img/reporting-cisco-error.png | 0
Mpublic/sitemap.xml | 2++
12 files changed, 214 insertions(+), 8 deletions(-)

diff --git a/pages/blog.md b/pages/blog.md @@ -28,6 +28,8 @@ href="https://social.paritybit.ca/@jbauer">Mastodon</a>. ### 2020 <ul> <li>2020-07-17 <a href="blog/my-attempts-to-fix-my-mastodon-instance">My Attempts to Fix My Mastodon Instance</a></li> + <li>2020-07-16 <a href="blog/why-i-hate-the-term-modern">Why I Hate The Term "Modern"</a></li> + <li>2020-07-15 <a href="blog/be-a-good-netizen">Be A Good Netizen</a></li> <li>2020-07-14 <a href="blog/debian-with-btrfs">Installing Debian 10 Buster with Encrypted LVM and btrfs Subvolumes</a></li> <li>2020-07-13 <a href="blog/using-rm-with-trash">Using the "rm" Command with Trash</a></li> <li>2020-07-13 <a href="blog/new-desktop-checklist">New Desktop Checklist</a></li> diff --git a/pages/blog/be-a-good-netizen.md b/pages/blog/be-a-good-netizen.md @@ -0,0 +1,80 @@ +## Be A Good Netizen + +[//]: # "Since my post for today is taking longer than expected, I want to share this story to encourage others to be good netizens." + +[//]: # "main.min.css" + +[//]: # + +<div class="byline"> +<b>Written By:</b> Jake Bauer | + <b>Posted:</b> 2020-07-15 | + <b>Last Updated:</b> 2020-07-15 +</div> + +I was working on my post for today and since that's taking a little longer than +expected, I figured I'd tell this story in the hopes that it gets more people to +do the same when they encounter a situation like this. + +A [toot about some recent Cisco +vulnerabilities](https://social.paritybit.ca/web/statuses/104521055804587168) +caught my attention. I'm used to seeing Cisco vulnerabilities, but what I +wasn't used to was the following SSL connection error I encountered when trying +to view the advisories: + +<figure> + <a href="/img/cisco-ssl-error.png"><img src="/img/cisco-ssl-error-thumb.png" + alt="A tab in Mozilla Firefox showing an attempt to connect to + tools.cisco.com with the following error message: Secure Connection Failed + An error occurred during a connection to tools.cisco.com. Peer attempted old + style (potentially vulnerable) handshake. Error code: + SSL_ERROR_UNSAFE_NEGOTIATION The page you are trying to view cannot be shown + because the authenticity of the received data could not be verified."/></a> +</figure> + +Which I was only alerted to when I shared this link with a friend, and he told +me about the following settings (which I have since activated) in Firefox: + +<figure> + <a href="/img/firefox-settings.png"><img + src="/img/firefox-settings-thumb.png" alt="Mozilla Firefox's about:config + page showing the settings 'security.ssl.require_safe_negotiation' and + 'security.ssl.treat_unsafe_negotation_as_broken' both set to true."/></a> +</figure> + +When those settings are activated (technically only the first is strictly +necessary to prevent connections to broken sites) they will stop the browser from +connecting to websites with broken SSL negotiation. This is a [fairly +significant issue](https://wiki.mozilla.org/Security:Renegotiation) so it's good +to have those settings activated. + +[I poked fun at Cisco in a response to the original +toot](https://social.paritybit.ca/web/statuses/104521184568713589) because... +well... how does a company this large which specializes in networking and +network security equipment allow something like this to happen, especially on +their security advisories page? + +However, the moral of this story (aside from turning on those settings in +Firefox), is: when something is broken be a good +[netizen](https://www.merriam-webster.com/dictionary/netizen) and let the +siteowners know; things can't be fixed if they don't know about it. I submitted +the following report to Cisco letting them know of the problem: + +<figure> + <a href="/img/reporting-cisco-error.png"><img + src="/img/reporting-cisco-error-thumb.png" alt="A Cisco general contact page with + a filled out contact form. The form is filled out with information relating + to the SSL error I experienced when previously trying to connect to + tools.cisco.com. Also filled in is my email address, my name, and the link + that I was trying to access. On the right is a set of radio buttons labelled + 'Page rating' with the least favourable option 'Poor minus minus' + selected."/></a> +</figure> + +If you come across something like this in the future, I hope you too will be a +good netizen and do the right thing! + +_This is my seventy-second post for the +[#100DaysToOffload](https://social.paritybit.ca/tags/100DaysToOffload) +challenge. You can learn more about this challenge over at +[https://100daystooffload.com](https://100daystooffload.com)._ diff --git a/pages/blog/why-i-hate-the-term-modern.md b/pages/blog/why-i-hate-the-term-modern.md @@ -1,6 +1,6 @@ ## Why I Hate The Term "Modern" -[//]: # "META_TEXT" +[//]: # "I strongly despise the word 'modern' because of its use as a term to demean and as a way for people to refuse to consider something based solely off of mistaken notions of what modernity means." [//]: # "main.min.css" @@ -8,10 +8,16 @@ <div class="byline"> <b>Written By:</b> Jake Bauer | - <b>Posted:</b> [DATE] | - <b>Last Updated:</b> [DATE] + <b>Posted:</b> 2020-07-16 | + <b>Last Updated:</b> 2020-07-16 </div> +I strongly despise the word "modern" because of its use as a term to demean and +refuse to consider something just because it wasn't created in the last handful +of years and even to market something as being good because it's new. The word +modern has somehow become associated with "something better" even though, in the +context of computing, that is rarely true. + According to [Merriam-Webster](https://www.merriam-webster.com/dictionary/modern), the word "modern" is defined as: @@ -35,9 +41,48 @@ According to // Modern art has abandoned the representation of recognizable objects. ``` -What I care about here is the second definition. +Really what I'm focusing on here is the second definition and its misuse as a +term to justify derision toward programming practices, languages, and software +solely based on the age or appearance of said practice, language or piece of +software. + +For example, I have encountered situations where others would look at the tools +that I am using, such as Neovim (which has its roots in the 1976 editor vi), or +command-line email clients such as NeoMutt (which has its roots in the 1995 mail +client Mutt) or aerc (which had its first release a little over a year ago) and +say things like "Why not use a modern editor like VS Code?" or "Why not use a +modern web interface for your email?". + +Naturally I'm happy to answer those questions, especially when asked by people +who are genuinely curious and not deriding, but I have so often seen tools, +practices, and software rejected for not being "modern" (whatever that actually +means), that my guard instantly goes up and I assume I'm about to be chastised +for using something uncommon. + +For a more specific, generally relatable example, there's the Git email +workflow. I have seen the argument made that using Git via email is not "modern" +and the GitHub way to contribute to projects is the "modern" way of doing things +as a way to put down this type of workflow. Just because something is recent, +newer, or shinier does not make it automatically better. In fact, in this +particular case I'd argue that the Git email workflow is far superior to the +pull request workflow for a multitude of reasons, as I have so often said in the +past. + +To stop myself from rambling on (many paragraphs have been deleted and +re-written), I will end by saying that it's not some ethereal notion of newness +that makes something good but the actual merits of a technique or piece of +software that makes it good. Just because something doesn't look pretty or +follow a common way of doing things perpetuated or created by Silicon Valley +companies doesn't make it automatically bad. ¬□("Modern" = "Good"). + +Text editors like Vim and Emacs, email clients like NeoMutt, Alpine, mu4e, or +aerc, development practices like the Git email workflow, and even web browsers +such as Lynx and w3m allow people to get work done in a way that is efficient +for them. Please don't shun something based on first looks or some mistaken +notion of what constitutes modernity; evaluate things based upon their merit +at least after considering them or giving them a try. -_This is my seventy-second post for the +_This is my seventy-third post for the [#100DaysToOffload](https://social.paritybit.ca/tags/100DaysToOffload) challenge. You can learn more about this challenge over at [https://100daystooffload.com](https://100daystooffload.com)._ diff --git a/pages/home.md b/pages/home.md @@ -20,6 +20,10 @@ This site will soon™️ be available over Gopher and Gemini. </div> 2020-07-17 <a class="feed-item" href="blog/my-attempts-to-fix-my-mastodon-instance">My Attempts to Fix My Mastodon Instance</a> +2020-07-16 <a class="feed-item" href="blog/why-i-hate-the-term-modern">Why I Hate The Term "Modern"</a> + +2020-07-15 <a class="feed-item" href="blog/be-a-good-netizen">Be A Good Netizen</a> + 2020-07-14 <a class="feed-item" href="blog/debian-with-btrfs">Installing Debian 10 Buster with Encrypted LVM and btrfs Subvolumes</a> 2020-07-13 <a class="feed-item" href="blog/using-rm-with-trash">Using the "rm" Command with Trash</a> @@ -34,9 +38,6 @@ This site will soon™️ be available over Gopher and Gemini. 2020-07-09 <a class="feed-item" href="blog/migrating-my-wiki-off-of-mediawiki">Migrating My Wiki Off of MediaWiki</a> -2020-07-08 <a class="feed-item" href="blog/my-todo-solution">My TODO Solution</a> - -2020-07-07 <a class="feed-item" href="blog/are-todo-applications-a-waste-of-time">Are TODO Applications a Waste of Time?</a> ### What is a Parity Bit? It is a bit (in the 1's and 0's sense) used in checking for errors in digital diff --git a/public/feeds/sitewide-feed.xml b/public/feeds/sitewide-feed.xml @@ -38,6 +38,82 @@ Jul 18 02:03:31 eris bundle[902]: [7187785d-5345-413e-a08a-3854c43a0e94]</code>< <p>I’m kind of getting fed up with the technologies used by Mastodon. Not only does my server eat RAM because of the use of technologies like Ruby and Node.js, it feels very duct-taped together and difficult to diagnose without being intimately familiar with either Mastodon’s workings or Ruby environments in general. I appreciate the efforts of the Mastodon developers in creating this software, but I don’t think the technologies used are particularly good.</p> <p>For this reason, unless I can figure out how to solve the above problems, I will be standing up a Pleroma instance (it’s basically like Mastodon but doesn’t eat as much RAM and only externally requires a database, as opposed to a whole suite of web technologies, among other things). The migration won’t be quick and I’ll probably lose a few followers along the way, but I think it’ll be worth it in the end to move to a platform that won’t be as frustrating to diagnose or fix.</p> <p><em>This is my seventy-fourth post for the <a href="https://social.paritybit.ca/tags/100DaysToOffload">#100DaysToOffload</a> challenge. You can learn more about this challenge over at <a href="https://100daystooffload.com">https://100daystooffload.com</a>.</em></p>]]></description> + <title>Why I Hate The Term "Modern"</title> + <link>https://www.paritybit.ca/blog/why-i-hate-the-term-modern</link> + <guid>https://www.paritybit.ca/blog/why-i-hate-the-term-modern</guid> + <pubDate>Thu, 16 Jul 2020 23:58:51 -0400</pubDate> + <description><![CDATA[<h2 id="why-i-hate-the-term-modern">Why I Hate The Term “Modern”</h2> +<div class="byline"> +<p><b>Written By:</b> Jake Bauer | <b>Posted:</b> 2020-07-16 | <b>Last Updated:</b> 2020-07-16</p> +</div> +<p>I strongly despise the word “modern” because of its use as a term to demean and refuse to consider something just because it wasn’t created in the last handful of years and even to market something as being good because it’s new. The word modern has somehow become associated with “something better” even though, in the context of computing, that is rarely true.</p> +<p>According to <a href="https://www.merriam-webster.com/dictionary/modern">Merriam-Webster</a>, the word “modern” is defined as:</p> +<pre><code>1 a : of, relating to, or characteristic of the present or the immediate past : + contemporary + // the modern American family + b : of, relating to, or characteristic of a period extending from a relevant + remote past to the present time + // modern history + +2 : involving recent techniques, methods, or ideas : up-to-date + // modern methods of communication + +3 capitalized : of, relating to, or having the characteristics of the present or + most recent period of development of a language + //Modern English + +4 : of or relating to modernism : modernist + // Modern art has abandoned the representation of recognizable objects.</code></pre> +<p>Really what I’m focusing on here is the second definition and its misuse as a term to justify derision toward programming practices, languages, and software solely based on the age or appearance of said practice, language or piece of software.</p> +<p>For example, I have encountered situations where others would look at the tools that I am using, such as Neovim (which has its roots in the 1976 editor vi), or command-line email clients such as NeoMutt (which has its roots in the 1995 mail client Mutt) or aerc (which had its first release a little over a year ago) and say things like “Why not use a modern editor like VS Code?” or “Why not use a modern web interface for your email?”.</p> +<p>Naturally I’m happy to answer those questions, especially when asked by people who are genuinely curious and not deriding, but I have so often seen tools, practices, and software rejected for not being “modern” (whatever that actually means), that my guard instantly goes up and I assume I’m about to be chastised for using something uncommon.</p> +<p>For a more specific, generally relatable example, there’s the Git email workflow. I have seen the argument made that using Git via email is not “modern” and the GitHub way to contribute to projects is the “modern” way of doing things as a way to put down this type of workflow. Just because something is recent, newer, or shinier does not make it automatically better. In fact, in this particular case I’d argue that the Git email workflow is far superior to the pull request workflow for a multitude of reasons, as I have so often said in the past.</p> +<p>To stop myself from rambling on (many paragraphs have been deleted and re-written), I will end by saying that it’s not some ethereal notion of newness that makes something good but the actual merits of a technique or piece of software that makes it good. Just because something doesn’t look pretty or follow a common way of doing things perpetuated or created by Silicon Valley companies doesn’t make it automatically bad. ¬□(“Modern” = “Good”).</p> +<p>Text editors like Vim and Emacs, email clients like NeoMutt, Alpine, mu4e, or aerc, development practices like the Git email workflow, and even web browsers such as Lynx and w3m allow people to get work done in a way that is efficient for them. Please don’t shun something based on first looks or some mistaken notion of what constitutes modernity; evaluate things based upon their merit at least after considering them or giving them a try.</p> +<p><em>This is my seventy-third post for the <a href="https://social.paritybit.ca/tags/100DaysToOffload">#100DaysToOffload</a> challenge. You can learn more about this challenge over at <a href="https://100daystooffload.com">https://100daystooffload.com</a>.</em></p>]]></description> + </item> +<item> + <title>Be A Good Netizen</title> + <link>https://www.paritybit.ca/blog/be-a-good-netizen</link> + <guid>https://www.paritybit.ca/blog/be-a-good-netizen</guid> + <pubDate>Wed, 15 Jul 2020 23:26:40 -0400</pubDate> + <description><![CDATA[<h2 id="be-a-good-netizen">Be A Good Netizen</h2> +<div class="byline"> +<p><b>Written By:</b> Jake Bauer | <b>Posted:</b> 2020-07-15 | <b>Last Updated:</b> 2020-07-15</p> +</div> +<p>I was working on my post for today and since that’s taking a little longer than expected, I figured I’d tell this story in the hopes that it gets more people to do the same when they encounter a situation like this.</p> +<p>A <a href="https://social.paritybit.ca/web/statuses/104521055804587168">toot about some recent Cisco vulnerabilities</a> caught my attention. I’m used to seeing Cisco vulnerabilities, but what I wasn’t used to was the following SSL connection error I encountered when trying to view the advisories:</p> +<figure> +<a href="/img/cisco-ssl-error.png"><img src="/img/cisco-ssl-error-thumb.png" + alt="A tab in Mozilla Firefox showing an attempt to connect to + tools.cisco.com with the following error message: Secure Connection Failed + An error occurred during a connection to tools.cisco.com. Peer attempted old + style (potentially vulnerable) handshake. Error code: + SSL_ERROR_UNSAFE_NEGOTIATION The page you are trying to view cannot be shown + because the authenticity of the received data could not be verified."/></a> +</figure> +<p>Which I was only alerted to when I shared this link with a friend, and he told me about the following settings (which I have since activated) in Firefox:</p> +<figure> +<a href="/img/firefox-settings.png"><img + src="/img/firefox-settings-thumb.png" alt="Mozilla Firefox's about:config + page showing the settings 'security.ssl.require_safe_negotiation' and + 'security.ssl.treat_unsafe_negotation_as_broken' both set to true."/></a> +</figure> +<p>When those settings are activated (technically only the first is strictly necessary to prevent connections to broken sites) they will stop the browser from connecting to websites with broken SSL negotiation. This is a <a href="https://wiki.mozilla.org/Security:Renegotiation">fairly significant issue</a> so it’s good to have those settings activated.</p> +<p><a href="https://social.paritybit.ca/web/statuses/104521184568713589">I poked fun at Cisco in a response to the original toot</a> because… well… how does a company this large which specializes in networking and network security equipment allow something like this to happen, especially on their security advisories page?</p> +<p>However, the moral of this story (aside from turning on those settings in Firefox), is: when something is broken be a good <a href="https://www.merriam-webster.com/dictionary/netizen">netizen</a> and let the siteowners know; things can’t be fixed if they don’t know about it. I submitted the following report to Cisco letting them know of the problem:</p> +<figure> +<a href="/img/reporting-cisco-error.png"><img + src="/img/reporting-cisco-error-thumb.png" alt="A Cisco general contact page with + a filled out contact form. The form is filled out with information relating + to the SSL error I experienced when previously trying to connect to + tools.cisco.com. Also filled in is my email address, my name, and the link + that I was trying to access. On the right is a set of radio buttons labelled + 'Page rating' with the least favourable option 'Poor minus minus' + selected."/></a> +</figure> +<p>If you come across something like this in the future, I hope you too will be a good netizen and do the right thing!</p> +<p><em>This is my seventy-second post for the <a href="https://social.paritybit.ca/tags/100DaysToOffload">#100DaysToOffload</a> challenge. You can learn more about this challenge over at <a href="https://100daystooffload.com">https://100daystooffload.com</a>.</em></p>]]></description> </item> <item> <title>Installing Debian 10 Buster with Encrypted LVM and btrfs Subvolumes</title> diff --git a/public/img/cisco-ssl-error-thumb.png b/public/img/cisco-ssl-error-thumb.png Binary files differ. diff --git a/public/img/cisco-ssl-error.png b/public/img/cisco-ssl-error.png Binary files differ. diff --git a/public/img/firefox-settings-thumb.png b/public/img/firefox-settings-thumb.png Binary files differ. diff --git a/public/img/firefox-settings.png b/public/img/firefox-settings.png Binary files differ. diff --git a/public/img/reporting-cisco-error-thumb.png b/public/img/reporting-cisco-error-thumb.png Binary files differ. diff --git a/public/img/reporting-cisco-error.png b/public/img/reporting-cisco-error.png Binary files differ. diff --git a/public/sitemap.xml b/public/sitemap.xml @@ -4,6 +4,8 @@ <url><loc>https://www.paritybit.ca/home</loc></url> <url><loc>https://www.paritybit.ca/blog</loc></url> <url><loc>https://www.paritybit.ca/blog/my-attempts-to-fix-my-mastodon-instance</loc></url> + <url><loc>https://www.paritybit.ca/blog/why-i-hate-the-term-modern</loc></url> + <url><loc>https://www.paritybit.ca/blog/be-a-good-netizen</loc></url> <url><loc>https://www.paritybit.ca/blog/debian-with-btrfs</loc></url> <url><loc>https://www.paritybit.ca/blog/using-rm-with-trash</loc></url> <url><loc>https://www.paritybit.ca/blog/new-desktop-checklist</loc></url>